Explore Fabric Security insights in the OneLake catalog – Govern tab
We want to update on a strategic evolution in how you can access and utilize security insights within Microsoft Fabric! The powerful reports you’ve relied on in the Microsoft Purview Hub are officially transitioning and being significantly enhanced within the new Admin Report in the Govern tab of the OneLake Catalog, as was announced at Ignite in November and explained in the Govern in OneLake Catalog for Fabric admins (Preview) blog post.
This isn’t just a relocation; it’s a consolidation and elevation of your most critical governance data. This move is a direct response to your feedback and a key step in providing a more unified, intuitive, and action-oriented governance experience right where your data lives.
Why this is great for you
- Unified Governance Command Center
The Fabric experience is centered around the OneLake catalog, which is the single entry point for all your data. By placing the Admin Report within the catalog’s Govern tab, we are creating a true, unified command center.
Before this change, the insights were separated from the data discovery and management layers. Now you get a single, cohesive view, directly alongside the tools you use to manage, discover, and govern that data. This proximity transforms reporting from a passive review into an active part of your data management workflow.
- Enhanced Actionability and Context
The OneLake catalog – Govern tab is designed to be more than just charts and numbers—it’s designed for rapid action. When you identify a gap—such as a key report missing a sensitivity label or an uncertified asset being heavily used—the path to remediation is shorter.
- Simplified Administrator Experience
Our primary goal is to make the Fabric Admin’s job easier. The dedicated Govern tab reinforces the importance of data stewardship, making it impossible to overlook critical security and compliance insights.
The insights in the new Admin Report
The enhanced Admin Report carries forward and strengthens the key governance insights you rely on, providing a clear picture of your tenant’s security health:
- Sensitivity Label Coverage: Get an immediate visualization of the percentage of your Fabric items (Lakehouses, Warehouses, Reports, etc.) that are labeled. This allows you to rapidly target and protect unlabeled, high-risk data.
- Data Loss Prevention State: See which workspaces or data items have yet to be evaluated by DLP policies, helping you ensure your data is being protected by DLP scans and identify risks of sensitive data exposure.
Copilot can be activated as well to help you further explore your security insights and allow you to interact with your tenant-level findings.
How can I find these insights?
In OneLake catalog, navigate to the “Govern” tab at the top. You’ll see your insights at a glance. Select “View more” on the top right.
Within the new and rich report, select the middle tab: “Protect, secure and comply”
To toggle between Information Protection and Data Loss Prevention insights, use the buttons on data slicers menu:
Sensitivity label coverage
On top of the top-level insights, such as which label is most commonly used and the percentage of unlabeled items in your tenant, you’ll be able to drill down and slice your label usage by item type and by users. This will help you locate them easily and fix any discrepancies found between certain items and the label applied to them, based on your company’s policies. Moreover, you can get a full inventory of your different labels, or look at their distribution by domain or workspace for a richer understanding of how they’re being used across the tenant.
Data Loss Prevention state
Since DLP is set at the workspace level, you can see which workspaces have DLP enabled on them so you can get a clear view of what is protected in your tenant. The more coverage you have by DLP policies, the more protected you are from sensitive data being exposed to users without your knowledge. Within the items that DLP has already evaluated, you’ll be able to locate those that have found results, in other words – that have violated the policy set by the organization. Drilling into those will allow you to take action, such as applying a more restrictive label or removing sensitive information. You can also break down which items have been scanned by type, or by location. And finally, you can analyze data by the last time DLP ran, to conclude the freshness of the evaluation and refresh data as necessary, to trigger a new scan.
This report is a powerful statement about our commitment to integrated, user-centric data governance. By making security insights an inherent part of your data catalog workflow, we are empowering you to manage your Fabric environment with unparalleled clarity and control.
Ready to explore the enhanced governance experience? Head over to OneLake catalog and select the new Govern tab to access your admin insights today!
Note: All these insights have moved permanently to the Govern tab in OneLake catalog, and we’ll be removing the Purview Hub report by the end of January 2026.
